CVE-2016-9189 - OpenCVE

Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Python	Pillow

Configuration 1 [-]

cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

References

Link	Resource
http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html	Vendor Advisory
http://www.debian.org/security/2016/dsa-3710	Third Party Advisory
http://www.securityfocus.com/bid/94234	Third Party Advisory VDB Entry
https://github.com/python-pillow/Pillow/issues/2105	Issue Tracking Patch Third Party Advisory
https://github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f	Issue Tracking Patch Third Party Advisory
https://security.gentoo.org/glsa/201612-52

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2016-11-04T10:00:00

Updated: 2017-06-30T16:57:01

Reserved: 2016-11-04T00:00:00

Link: CVE-2016-9189

JSON object: View

NVD Information

Status : Modified

Published: 2016-11-04T10:59:09.680

Modified: 2017-07-01T01:30:12.313

Link: CVE-2016-9189

JSON object: View

Redhat Information

No data.

CWE

CWE-190

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-11-04T00:00:00", "descriptions": [{"lang": "en", "value": "Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the \"crafted image file\" approach, related to an \"Integer Overflow\" issue affecting the Image.core.map_buffer in map.c component."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f"}, {"name": "GLSA-201612-52", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201612-52"}, {"name": "94234", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94234"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/python-pillow/Pillow/issues/2105"}, {"name": "DSA-3710", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3710"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-9189", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the \"crafted image file\" approach, related to an \"Integer Overflow\" issue affecting the Image.core.map_buffer in map.c component."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f", "refsource": "CONFIRM", "url": "https://github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f"}, {"name": "GLSA-201612-52", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201612-52"}, {"name": "94234", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94234"}, {"name": "https://github.com/python-pillow/Pillow/issues/2105", "refsource": "CONFIRM", "url": "https://github.com/python-pillow/Pillow/issues/2105"}, {"name": "DSA-3710", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3710"}, {"name": "http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html", "refsource": "CONFIRM", "url": "http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-9189", "datePublished": "2016-11-04T10:00:00", "dateReserved": "2016-11-04T00:00:00", "dateUpdated": "2017-06-30T16:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:python:pillow:*:*:*:*:*:*:*:*", "matchCriteriaId": "71E0C98C-17B8-4EA0-8106-CD74C6AD9FBC", "versionEndIncluding": "3.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the \"crafted image file\" approach, related to an \"Integer Overflow\" issue affecting the Image.core.map_buffer in map.c component."}, {"lang": "es", "value": "Pillow en versiones anteriores a 3.3.2 permite a atacantes dependientes de contexto obtener informaci\u00f3n sensible utilizando la aproximaci\u00f3n \"archivo de imagen manipulado\", relacionado con un problema \"Integer Overflow\" que afecta a Image.core.map_buffer en el componente map.c."}], "id": "CVE-2016-9189", "lastModified": "2017-07-01T01:30:12.313", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-11-04T10:59:09.680", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://pillow.readthedocs.io/en/3.4.x/releasenotes/3.3.2.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3710"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94234"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/python-pillow/Pillow/issues/2105"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/python-pillow/Pillow/pull/2146/commits/c50ebe6459a131a1ea8ca531f10da616d3ceaa0f"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201612-52"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Primary"}]}